CVE-2024-0206

HIGH Year: 2024
CVSS v3 Score
7.8
High
Weakness Type
CWE-59
View all →

Vulnerability Description

A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symbolic link to files that the user wouldn't normally have permission to. After a scan, the Engine would follow the links and remove the files

Related Vulnerabilities

CVE-2003-0578

HIGH
CVSS:7.8(High)

cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files.

CWE-592003

CVE-2008-7273

HIGH
CVSS:7.8(High)

A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.

CWE-592008

CVE-2011-3618

HIGH
CVSS:7.8(High)

atop: symlink attack possible due to insecure tempfile handling

CWE-592011

CVE-2012-1093

HIGH
CVSS:7.8(High)

The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.

CWE-592012

CVE-2013-4364

HIGH
CVSS:7.8(High)

(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attac...

CWE-592013

CVE-2014-3219

HIGH
CVSS:7.8(High)

fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER.

CWE-592014